
PRiSM Security. Configuration and considerations


Academic year: 2021


PRiSM

Security


Confidential & Proprietary.

Three Aspects of Security

●Authentication

● Who can log into PRiSM

●Security Groups

● What items can they view

●Security Roles


PRiSM Users

●Windows active directory

● Active directory user

● Active directory user group

●Local machine accounts

● PRiSM Server only

●Security considerations

● PRiSM stores only the Windows security identifier (SID)

● Not usernames


Authentication Process

1. Collect SID from client machine

2. Compare SID to PRiSM database

● List of authorized users and groups

● List of authorized user groups


Client Authentication - Web

[Diagram: Client Computer and PRiSM Server]


Client Authentication - Local

[Diagram: Client Computer and PRiSM Server]


Anonymous Authentication


Administer Users


Security Groups

●Restricted View Access

● Assets

● Templates

● Projects


Full Access Group


New Security Group


Details

●Group Name

● Name shown when configuring a user


Assets

●Allowed Assets

● Drag and drop from hierarchy to pane on right

● Add every asset or folder the user will have access to

●Deleting

● Click ID


Assets Access in Client


Assets Access in Web


Templates


Templates Access Application


Templates Access Application

●Users will be able to associate allowed templates only


Project Access

●Access to projects determined by asset and template access

● Asset (Default configuration)


Project Access Example

Asset Only

● The user has been given access to

  ● Allowed Asset

  ● Allowed Template

● Allowed Asset

  ● Project – No Template

  ● Project – Allowed Template

  ● Project – Restricted Template

● Restricted Asset


Project Access Example

Both Asset and Template

● The user has been given access to

  ● Allowed Asset

  ● Allowed Template

● Allowed Asset

  ● Project – No Template

  ● Project – Allowed Template

  ● Project – Restricted Template

● Restricted Asset


Project Access Example

Either Asset or Template

● The user has been given access to

  ● Allowed Asset

  ● Allowed Template

● Allowed Asset

  ● Project – No Template

  ● Project – Allowed Template

  ● Project – Restricted Template

● Restricted Asset
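
The three project-access configurations from the slides above, modelled as an added example (not PRiSM code). The decision rules are inferred from the configuration names only; the sample projects are constructed, and treating a project without a template as failing the template check is an assumption.

```python
from dataclasses import dataclass
from enum import Enum
from typing import FrozenSet, List, Optional


class ProjectAccessMode(Enum):
    ASSET_ONLY = "asset"   # slide: "Asset (Default configuration)"
    BOTH = "both"          # slide: "Both Asset and Template"
    EITHER = "either"      # slide: "Either Asset or Template"


@dataclass(frozen=True)
class SecurityGroup:       # hypothetical model of a security group's allow lists
    allowed_assets: FrozenSet[str]
    allowed_templates: FrozenSet[str]


@dataclass(frozen=True)
class Project:
    name: str
    asset: str
    template: Optional[str]  # None models "Project - No Template"


def can_view(group: SecurityGroup, project: Project, mode: ProjectAccessMode) -> bool:
    asset_ok = project.asset in group.allowed_assets
    # Assumption: a project with no template cannot satisfy the template check.
    template_ok = project.template is not None and project.template in group.allowed_templates
    if mode is ProjectAccessMode.ASSET_ONLY:
        return asset_ok
    if mode is ProjectAccessMode.BOTH:
        return asset_ok and template_ok
    if mode is ProjectAccessMode.EITHER:
        return asset_ok or template_ok
    return False  # unknown configuration: deny by default


def visible_projects(group: SecurityGroup, projects: List[Project],
                     mode: ProjectAccessMode) -> List[str]:
    return [p.name for p in projects if can_view(group, p, mode)]


# Constructed sample mirroring the slide: one allowed and one restricted asset,
# each holding a project per template situation.
GROUP = SecurityGroup(frozenset({"Allowed Asset"}), frozenset({"Allowed Template"}))
PROJECTS = [Project(f"{a[0]}/{label}", a, t)
            for a in ("Allowed Asset", "Restricted Asset")
            for label, t in (("no-template", None),
                             ("allowed-template", "Allowed Template"),
                             ("restricted-template", "Restricted Template"))]
```

Under these assumptions the Either configuration is the only one that shows a project stored under the restricted asset, which is the case to review when choosing between the three.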


(Non-derived Template)

●Useful with Both Asset and Template or Either Template or Asset configurations


Real Time Services Access

●Users will be able to view allowed real time services only

● Points


Service vs Service Type

Service

● Access to specific services

Service Type

● Access to all services


RTS Access Application


RTS Access Application


RTS Access Application

●Trending

● Actual (Source RTS) cannot be used


Members


Administrator

●Administrator


Read Only

● Read Only Access

● View Projects

● View Templates

● View Alarms

● View Annunciators

● Read Only Restrictions

● System settings

● Service configuration

● User management

● Asset management


Custom

●Custom Roles


Role Details

●Client login

● Allows user to log into PRiSM Client

●Web login

● Allows user to log into PRiSM Web

●Modify Projects

● Create, edit, and delete projects

●Modify Templates

● Create, edit, and delete templates

●Clear Alarms (Manage Alarms)


Role Details

● Quick Train

● This allows users to quick train projects

● Also requires “modify projects”

● Modify Annunciator Panel

● Create, edit, and delete annunciator panels

● Modify System Preferences

● Edit system preferences in PRiSM client

● Edit system preferences in PRiSM web

● Modify User Preferences


Role Details

●Modify Real Time Services

● This allows users to configure RTSs

● Service administration and agent administration

●Modify Web Services

● This allows users to define external web data services

●Modify Local Configuration

● This allows users to open the local configuration file through the About screen and the local hosts file from the eDNA Configuration screen

●Modify User Libraries


Role Details

●Manage Notifications

● This allows access to the general notification settings, the notification format, and management of notification-only account subscriptions.

●Manage Assets

● This allows access to the asset management screen and controls access to create new folders when changing a project’s asset folder.

●Manage Users


Additional Administrator Role Access

●Administrator


Asset Role

●Allows a user’s role to be different in specific assets

●Example usage

● User’s default access is read only

● In a specific asset has user access


Asset Role


Asset Role
